Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
react-native-bugsnag
Advanced tools
Community-created Bugsnag package for React Native. It consumes the Bugsnag API to report errors from both the React Native (Javascript) environment AND the native (Obj-C or Java) environment.
Easily add Bugsnag exception monitoring support to your React Native application.
Although this is not affiliated with Bugsnag directly, we do have their support.
Install the official iOS Bugsnag sdk into your app according to their iOS instructions.
Ensure that Symbolication is properly setup in your project as well.
I used the carthage
way and ended up with a Bugsnag.framework
file.
Install the React Native Bugsnag package:
rnpm install --save react-native-bugsnag
(Make sure to restart your package manager afterwards.)
AppDelegate.m
file, add the following code changes:a. Import our RNBugsnag library:
#import <RNBugsnag/RNBugsnag.h> // Add this line.
@implementation AppDelegate
// ... other code
b. Initialize RNBugsnag inside of didFinishLaunchingWithOptions
:
- (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions
{
// ... other code
[RNBugsnag init]; //initialize it
}
c. Add your BUSNAG Api Key inside the Info.Plist like so:
Add a new entry with a key of: `BUGSNAG_API_KEY` and a value of your Bugsnag API KEY ([Usually found within your project here](https://bugsnag.com/settings/)).
Opening the `Info.Plist` with a text editor your addition should look like this:
```
<key>BUGSNAG_API_KEY</key>
<string>whatever_your_api_key_is</string>
```
d. Add Bugsnag
to the RNBugsnag library. I did this by dragging the Bugsnag.framework
I made in step 1 to my RNBugsnag module target.
If you still want to check if things went well,
RNBugsnag.xcodeproj
within your main project (as a direct dependency coming from ./node_modules/react-native-bugsnag/ios/RNBugsnag.xcodeproj
)$(SRCROOT)/../node_modules/react-native-bugsnag/ios/RNBugsnag
within your Project-->Target-->Build Settings--> Header Search Paths.libRNBugsnag.a
linked to your project, check that on Project-->Target-->General-->Linked Frameworks and Libraries and see if you can find libRNBugsnag.a
Enjoy!
Go to your settings.gradle and add the following lines after
//somewhere after include ':app' add the following 2 lines
include ':react-native-bugsnag'
project(':react-native-bugsnag').projectDir = new File(rootProject.projectDir, '../node_modules/react-native-bugsnag/android')
Go to your app.gradle and add the following line in the end:
dependencies {
compile fileTree(dir: 'libs', include: ['*.jar'])
compile 'com.android.support:appcompat-v7:23.0.1'
compile 'com.facebook.react:react-native:+'
//...whatever code
compile project(':react-native-bugsnag') //<--Add this line
}
Go to your manifest.xml
and add the following line within the application tag replacing YOUR_API_KEY
:
<meta-data android:name="com.bugsnag.android.API_KEY" android:value="YOUR_API_KEY"/>
Go to your MainActivity.java
and add the following code:
import com.pintersudoplz.rnbugsnag.RNBugsnagPackage;
and then within your getPackages
add the line with the comment
@Override
protected List<ReactPackage> getPackages() {
// ...whatever code
return Arrays.<ReactPackage>asList(
new MainReactPackage(),
new RNBugsnagPackage() //add this line
);
}
import Bugsnag from 'react-native-bugsnag';
Bugsnag();
Congratulations!!
At that point you have basic error reporting functionality working. Any unhandled javascript or native errors thrown will be reported to Bugsnag.
suppressDevErrors
to true and passing it to the constructor, like so: Bugsnag({suppressDevErrors:true});
identifier
object to the constructor, like so: Bugsnag({identifier:{userId: "aUserId", userEmail:"anEmail@domain.com", userFullname:"aFullName"}})
You can manually create an exception using the following command:
Bugsnag.notify("TestExceptionName", "TestExceptionReason", "error");
The third parameter is the severity of the notification, it can be one of the following:
This is an important part of the process in order to get the actual method names and line numbers of the exceptions from iOS.
http://docs.bugsnag.com/platforms/ios-objc/symbolication-guide/
FAQs
Community-created Bugsnag package for React Native. It consumes the Bugsnag API to report errors from both the React Native (Javascript) environment AND the native (Obj-C or Java) environment.
The npm package react-native-bugsnag receives a total of 1 weekly downloads. As such, react-native-bugsnag popularity was classified as not popular.
We found that react-native-bugsnag demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.